Jboss + Apache + SSL + Virtual Hosts + CAS

Alatalo, Antoni antoni.alatalo at logica.com
Tue Sep 16 05:56:20 EDT 2008 

Hi,
thank you for response. Probably you have some more configurations? I couldn't find any configuration ore class that uses such parameter.


Terv.
Antoni



________________________________
From: cas-bounces at tp.its.yale.edu [mailto:cas-bounces at tp.its.yale.edu] On Behalf Of Pablo Mosquera Saenz
Sent: 16. syyskuuta 2008 10:27
To: Yale CAS mailing list
Subject: Re: Jboss + Apache + SSL + Virtual Hosts + CAS

I dont know if this can help you, but you can config CAS telling where the keystore is:

In my app:

cas.client.trustStore=/usr/local/java/jdk1.5.0_12/jre/lib/security/gen.keystore

The problem is that I have a similar config, but instead of apache I have IIS. When I use machine:port urls for my cas config (loginUrl and validateUrl for example) it works, but when using a hostname (resolved by IIS) it doesn´t work and I have a PKIX exception

2008/9/16 Alatalo, Antoni <antoni.alatalo at logica.com<mailto:antoni.alatalo at logica.com>>
Anyone?


Terv.
Antoni



________________________________

From: cas-bounces at tp.its.yale.edu<mailto:cas-bounces at tp.its.yale.edu> [mailto:cas-bounces at tp.its.yale.edu<mailto:cas-bounces at tp.its.yale.edu>] On Behalf Of Alatalo, Antoni
Sent: 12. syyskuuta 2008 9:58
To: cas at tp.its.yale.edu<mailto:cas at tp.its.yale.edu>
Subject: Jboss + Apache + SSL + Virtual Hosts + CAS


Hi,
I have  an Liferay running under Jboss. Liferay have several virtual hosts inside. Each of them uses it's own cas application. Cas applications runs also under Jboss.
Because of ssl i needed to install Apache in front of Jboss. There is regular configurations in httpd.conf to use virtual hosts and use also ssl with this hosts.
Everything works fine when i don't need CAS, but while autehntication CAS does not find valid sertificates. Sertificates are self created with openssl and keytool and are added to jvm's cacerts file.
Jbosses tomcat is configured to use only port 8109.

How do i tell CAS or Jboss to try to find hosts sertificate from cacerts?

Thank you
Antoni Alatalo
Ohjelmistoasiantuntija
Kuntatoimiala, sosiaalitoimi
_________________________________________

Logica - Releasing your potential

Karvaamokuja 2
PL 38
00381 Helsinki
Tel: +358 10 302 010
Mob: +358 40 583 1097
antoni.alatalo at logica.com<mailto:antoni.alatalo at logica.com>
www.logica.fi<http://www.logica.fi> <http://www.logicacmg.fi>
WM-datan nimi on nyt Logica.

_______________________________________________
Yale CAS mailing list
cas at tp.its.yale.edu<mailto:cas at tp.its.yale.edu>
http://tp.its.yale.edu/mailman/listinfo/cas

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080916/fe60d88b/attachment.html

More information about the cas mailing list